Organizations covered by the European Accessibility Act (EAA) need documented proof that their digital products and services conform to EN 301 549. That proof comes in several forms: accessibility audit reports, conformance statements, ACRs, internal policies, and remediation records. Without this documentation, a claim of compliance carries no weight with market surveillance authorities or procurement buyers.
The EAA went into effect on June 28, 2025, and applies to a wide range of products and services sold within the European Union. If your web app, mobile app, ecommerce platform, or digital service falls under scope, the question is not whether you need evidence of compliance but what kind.
| Evidence Type | What It Demonstrates |
|---|---|
| Accessibility Audit Report | Documents how each page or screen was evaluated against EN 301 549 criteria, with identified issues and severity |
| Conformance Statement | A public declaration of conformance level, including scope, standard version, and any known limitations |
| ACR (VPAT INT Edition) | Maps product conformance to EN 301 549, commonly requested by EU procurement and enterprise buyers |
| Remediation Records | Shows a documented history of identified issues being addressed, tracked, and validated |
| Internal Accessibility Policy | Proves ongoing organizational commitment, staff training, and processes for maintaining conformance |
Why Documentation Matters Under the EAA
The EAA is a directive, meaning each EU member state writes its own enforcement law based on the directive’s requirements. Enforcement varies by country, but every member state requires economic operators to demonstrate compliance when asked by market surveillance authorities.
This is different from the ADA in the United States, where compliance is often reactive. Under the EAA framework, manufacturers, importers, distributors, and service providers each carry responsibility. If a surveillance authority requests proof of accessibility, you need to produce it.
Having no documentation is itself a compliance risk, regardless of how accessible your product actually is.
What Does an Accessibility Audit Report Prove?
An accessibility audit report is the foundation of your evidence. It documents how an auditor evaluated your digital product against EN 301 549 (which incorporates WCAG 2.1 AA) and identifies every issue with its location, description, and relevant success criterion.
A manual accessibility audit is the only way to determine WCAG conformance. Automated scans flag approximately 25% of issues. They cannot serve as your primary evidence. An audit conducted by a qualified auditor carries weight because it covers the full standard, including criteria that require human judgment.
Accessible.org audits are always fully manual and map directly to WCAG 2.1 AA and WCAG 2.2 AA, making the resulting report usable as EAA evidence when the evaluation covers EN 301 549 scope.
Do You Need a VPAT or ACR for the EAA?
A VPAT is a template. An ACR is the completed document. For EAA purposes, the relevant edition is the VPAT INT (International) edition, which maps to EN 301 549.
While the EAA does not explicitly require a VPAT or ACR, EU procurement processes frequently request one. Enterprise buyers evaluating SaaS products, ecommerce platforms, or digital services expect an ACR as part of vendor assessment. If your product is sold to organizations within the EU, an ACR built on the INT edition is practical evidence that signals conformance to the EN 301 549 standard.
An ACR does not have a formal expiration date, but it should be updated after significant product changes. An outdated ACR with issues that no longer reflect your product’s current state can work against you.
Conformance Statements and Accessibility Policies
A conformance statement is a public-facing document that declares your product’s accessibility status. It should include the standard you evaluated against (EN 301 549 or WCAG 2.1 AA), the scope of the evaluation, the date, and any known limitations.
This is not marketing copy. It is a formal statement that surveillance authorities and users rely on. Vague language without specifics is a red flag.
An internal accessibility policy goes further. It documents your organization’s processes for maintaining conformance: who is responsible, how audits are scheduled, how issues are tracked and remediated, and what training staff receive. The EAA expects ongoing compliance, not a one-time effort. A policy demonstrates that accessibility is built into your operations.
Tracking Remediation as Ongoing Evidence
Fixing issues after an audit is expected. What matters for compliance evidence is showing you did it systematically. Remediation records that document which issues were identified, when they were addressed, and how fixes were validated create a timeline of good-faith effort.
The Accessibility Tracker Platform is built for this. It allows teams to upload audit reports, track each issue through remediation, and generate progress documentation. For organizations managing multiple digital products under EAA scope, the platform maps each project’s conformance status in one place.
Surveillance authorities are more likely to view your compliance favorably when you can show a clear, documented path from audit to conformance.
How Should You Organize Your Evidence?
Keep your documentation centralized and current. At minimum, your EAA compliance evidence should include:
A manual accessibility audit report evaluating against EN 301 549 or WCAG 2.1 AA. A public conformance statement with scope, standard, and date. An ACR using the VPAT INT edition if your product is sold to EU organizations. Remediation records showing issues tracked, fixed, and validated. An internal accessibility policy covering roles, processes, and training.
Each document serves a different audience. The conformance statement is for the public. The audit report and ACR are for procurement buyers and authorities. The policy and remediation records are for internal governance and, if requested, regulatory review.
Can automated scans serve as EAA compliance evidence?
No. Scans only flag approximately 25% of accessibility issues. They cannot evaluate criteria that require human judgment, such as whether alt text is meaningful or whether focus order is logical. Scan results can supplement your documentation, but they cannot replace a manual audit as your primary evidence of conformance.
How often should you update your EAA compliance documentation?
After any significant product change, such as a redesign, new feature release, or platform migration. Even without major changes, reviewing your audit report and conformance statement annually is a reasonable cadence. The EAA expects ongoing conformance, not a static snapshot.
What happens if you cannot produce evidence when asked?
Market surveillance authorities in each EU member state have the power to request documentation and, if it is missing or insufficient, take corrective action. Penalties vary by country but can include fines, product restrictions, or removal from the market. The absence of documentation is treated as a compliance issue on its own.
EAA compliance is not a single document. It is a set of records that together tell the story of how your organization evaluated, remediated, and maintained the accessibility of its digital products. The organizations best positioned are those that treat documentation as part of the process rather than an afterthought.
Contact Accessible.org to get an accessibility audit and the documentation you need for EAA compliance.
